CVE-2024-34314

May 7, 2024, 8:07 p.m.

Tags

cve@mitre.org
2024-05-07
CVE-2024-34314

Product(s) Impacted

CmsEasy

  • 7.7.7.9

Description

CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the file_get_contents function in the fetch_action method of /admin/template_admin.php. This vulnerability allows attackers to read arbitrary files.

Weaknesses

Date

Published: May 7, 2024, 7:15 p.m.

Last Modified: May 7, 2024, 8:07 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

cve@mitre.org

References

https://github.com/H3rmesk1t/vulnerability-paper/blob/main/CmsEasy-7.7.7.9-File%20Inclusion.md
cve@mitre.org